cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
896
Views
5
Helpful
5
Replies

Rate limit on 3560 not functioning

chronix
Level 1
Level 1

Hello,

i done various reseaches within cisco.com and came out a very simplified cmd to correctly perform L2 port-based rate limiting. However when applied into my test switch, i couldnt't see any counters/result captured for 'show polic-map interface'. Can someone advise if this setup is done correctly.

mac access-list extended l2

permit any any

ip access-list extended l3

permit ip any any

class-map match-all L2-traffic

match access-group name l2

class-map match-all L3-traffic

match access-group name l3

!

policy-map Customer-1-policy-ingress

class L2-traffic

police aggregate Customer-1

class L3-traffic

police aggregate Customer-1

interface GigabitEthernet0/1

switchport access vlan 50

spanning-tree portfast

service-policy input Customer-1-policy-ingress

SW01#show policy-map interface

GigabitEthernet0/1

Service-policy input: Customer-1-policy-ingress

Class-map: L2-traffic (match-all)

0 packets, 0 bytes

offered rate 0 bps, drop rate 0 bps

Match: access-group name l2

Class-map: L3-traffic (match-all)

0 packets, 0 bytes

offered rate 0 bps, drop rate 0 bps

Match: access-group name l3

Class-map: class-default (match-any)

0 packets, 0 bytes

offered rate 0 bps, drop rate 0 bps

Match: any

0 packets, 0 bytes

rate 0 bps

Any help is greatly appreciated.

5 Replies 5

irisrios
Level 6
Level 6

Software feature thatcan help you accomplish what you want is QoS. Classify the traffic into class, configure policies applied to those traffic classes, then attach poiliies to interfaces

armin.kask
Level 1
Level 1

We do rate limiting like this.

class-map IP

match ip dscp default

policy-map 1meg

class IP

police 1000000 19200 exceed-action drop

int gi0/1

service-policy input 1meg

Armin

Joseph W. Doherty
Hall of Fame
Hall of Fame

Unlike a router, you won't see the stats with a show policy-map interface. Try "show mls qos interface statistics".

leon.mflai
Level 1
Level 1

Unlike "router", for ordinary Catalyst switch (except ME series), you should apply "srr-queue" to rate limit the traffic on egress interface. If you really want "MQC" like setup, you should consider matching the flow (cef) the traffic instead of a class in the setup.

manav.joshi
Level 1
Level 1

one cannot check policy-map on interfaces the same way as one checks the output on routers.

3500 series switches have there own way on check QOS.

1. Firstly, check qos in enabled on box

mls qos

2. To mark COS value while being part of policy-map that trusts( does not overwrite) the incoming DSCP value, then "mls qos cos policy-map" needs to be enabled.

3. Make a mls qos aggregate-policer & then call the policer in a policy-map on an interface through service-policy.

4. To verify the policer has got applied on a interface. Check show mls qos int <> policer.

5. QOS capability/attribute of above interface

show mls qos interface <>

6. Statistics values through show mls qos interface <> statistics

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: